I was a little surprised when I heard VMware’s Narayan Bharadwaj mention Terraform during the opening session of Cloud Field Day 7. In fact, what he said is that VMware is “embracing Terraform in a pretty big way” as part of their focus on Infrastructure as Code.
This struck me for two reasons. One, you wouldn’t be off-base to think of Terraform as a competitor to several VMware products. And two, because of the things that it makes possible.
VMware & Terraform?
First things first, I had to check it out. Sure enough, there are actually several Terraform providers for VMware products.
It looks like the oldest is the VMware vSphere Provider (version 0.1.0 was published about 3 years ago):
The VMware vSphere provider gives Terraform the ability to work with VMware vSphere Products, notably vCenter Server and ESXi. This provider can be used to manage many aspects of a VMware vSphere environment, including virtual machines, standard and distributed networks, datastores, and more.
Of course, since the #CFD7 presentation was all about VMware Cloud (VMC) on Amazon Web Services (AWS), the announcement I heard was focused on the more recent providers for, yes, VMC, and for NSX-T (which is an integral component of VMC).
What’s more, the “official” Automation Resource Digest for VMC includes the following:
Infrastructure as Code (IaC): There are several IaC tools/modules for VMware Cloud on AWS automation that have been developed by VMware and/or the developer community. Recently, a new HashiCorp Terraform provider for VMware Cloud on AWS has been released that can be used to provision and manage SDDC. Customers can now use this provider with vSphere Terraform provider and NSX-T Terraform provider to automate their end-to-end use cases from network & security configuration to VM provisioning.
I also found a couple of other VMware/Terraform providers: for vCloud Director and vRealize Automation / vRA7.
What’s a Terraform?
Hold up. Before I go any further, we need to address the question that is on at least a few of your minds… “What is this Terraform thing you keep talking about, and why should I care?”
Terraform is the only open source infrastructure as code provisioning tool that is immutable, declarative, masterless, agentless, and idempotent. If you want to argue about that, or learn more about why it matters, I refer you to the expert, Yevgeniy Brikman:
For those who aren’t quite ready to dive into the deep end, here’s some basic info from Nico Vibert’s great blog post (which includes examples of how to set up Terraform with VMware Cloud on AWS): Terraform is…
- Part of HashiCorp DevOps Tool suite. Others are Vagrant, Packer, Vault, Consul, Nomad.
- It’s open-source.
- It’s designed to build, change, version, infrastructure across multiple providers – AWS, Azure, Google Cloud, vSphere, OpenStack, etc…
- It’s Infrastructure as Code, written in JSON or in HCL (HCL is the HashiCorp configuration language).
- You describe the end-state of the infrastructure you want to build in a high-level syntax and Terraform will deploy it for you.
- You can run a command to validate the code before deploying (terraform validate)
- You can run a command to understand what will be deployed (terraform plan).
- You can easily deploy the whole infrastructure with a single command (terraform apply).
- Terraform keeps a state of what’s already deployed and if you run the terraform apply command again after having updated the code, it will only apply the ‘delta’ (instead of creating it again).
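As an added illustration (not taken from the original post or from Nico Vibert's blog), here is a minimal vSphere provider configuration that declares one VM as the desired end-state. The server, datacenter, datastore, cluster, network and VM names are placeholders; credentials come from variables rather than literals, and certificate verification stays on.

```hcl
# Added example: every name below is a placeholder, not a value from the post.
variable "vsphere_user" {
  type = string
}

variable "vsphere_password" {
  type      = string
  sensitive = true # redacted in plan/apply output
}

provider "vsphere" {
  vsphere_server       = "vcenter.example.internal"
  user                 = var.vsphere_user
  password             = var.vsphere_password
  allow_unverified_ssl = false # keep TLS certificate verification on
}

# Look up existing inventory objects by name.
data "vsphere_datacenter" "dc" {
  name = "dc-01"
}

data "vsphere_datastore" "ds" {
  name          = "datastore-01"
  datacenter_id = data.vsphere_datacenter.dc.id
}

data "vsphere_compute_cluster" "cluster" {
  name          = "cluster-01"
  datacenter_id = data.vsphere_datacenter.dc.id
}

data "vsphere_network" "net" {
  name          = "VM Network"
  datacenter_id = data.vsphere_datacenter.dc.id
}

# The end-state: one empty 2 vCPU / 4 GiB VM with a 20 GB disk.
resource "vsphere_virtual_machine" "lab" {
  name                       = "training-vm-01"
  resource_pool_id           = data.vsphere_compute_cluster.cluster.resource_pool_id
  datastore_id               = data.vsphere_datastore.ds.id
  num_cpus                   = 2
  memory                     = 4096
  guest_id                   = "otherLinux64Guest"
  wait_for_guest_net_timeout = 0 # no guest OS installed, so do not wait for an IP
  network_interface { network_id = data.vsphere_network.net.id }
  disk {
    label = "disk0"
    size  = 20
  }
}
```

Supply the credentials through the `TF_VAR_vsphere_user` and `TF_VAR_vsphere_password` environment variables, run `terraform init`, then follow the `terraform validate`, `terraform plan`, `terraform apply` sequence from the list above. The state file records what was deployed and can hold sensitive attribute values in plaintext, so store it with restricted access.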
With that out of the way, let’s dig a little deeper into what this partnership might mean.
Sleeping with Snakes
OK, before I get misquoted here, let me be super clear that in this analogy neither HashiCorp nor VMware is the snake.
I just can’t shake the image of VMware embracing “the cloud” and all that entails, while the cloud in turn is trying to suffocate VMware like some huge inevitable anaconda.
Call it… Sleeping with the enemy. Dealing with the devil. Solving the innovator’s dilemma. Turning a negative into a positive. Or just trying to ensure future relevance. Whatever name you give to this (potentially deadly) embrace, you have to admit that VMware is doing a damn fine job of it.
In fact, adding Terraform providers to facilitate a focus on infrastructure as code is only the newest (to me) in a long line of partnerships and acquisitions in which VMware is actively embracing companies, products, and services that most folks would classify as their competitors.
Let’s start with the over-arching topic of VMware’s CFD7 presentations: VMware Cloud on AWS. Before they first announced this offering back in October 2016, everyone was talking about a showdown between two giants on a collision course for each other. Very few people outside of that decision ever imagined the current level of partnership.
How about that time they bought VeloCloud and created VMware SD-WAN? Remember that the impetus behind SD-WAN is largely cloud adoption. Traditional WANs were designed for on-premises data centers; many of which are vCenter powered Software Defined Data Centers (SDDC). So why would VMware buy a company that makes it easier for enterprises to adopt public cloud?
They did it for the same reason that they embraced AWS and Terraform and multi-cloud security and et cetera. Because they know that they can’t rest on their laurels. That they must meet their users where they are, which more and more is “in the cloud.” And why shouldn’t a no-hardware-allowed virtualization company thrive in the time of the cloud anyway? Kudos VMware.
VMware & Terraform!
So, what does this make possible?
Let’s check back in with our friend Nico Vibert and his more recent blog post:
There are many cool use cases that I can think of – automation, pop-up DCs for expansion, disaster recovery, etc… For example, I know of a couple of our customers in the education field who use VMware Cloud on AWS for online training and education. Terraform for VMware Cloud on AWS gives them the ability to stand up the same copy of their VMware Cloud environment for each training class. They can entirely automate the deployment of their SDDC on the day of the training class and spin it back down once the class is completed.
Combine this with Terraform with NSX and Terraform with vSphere and you can essentially ‘versionize’ and package your entire DC.
Mix it with the other flavours of VMware Cloud: VMware Cloud on Dell EMC and VMware Cloud on AWS Outposts – you could potentially get your hardware delivered on-site and get it all set up with a “terraform apply”….
I hope that got your juices flowing and your gears turning as much as mine are. If so, what are you waiting for?